
Using Keytool we can view the details of a Keystore with the command
keytool -list -v -keystore <KeystoreName>
This returns a set of values including a Subject Key Identifier
SubjectKeyIdentifier [
KeyIdentifier [
0000: 60 7B 66 1A 45 0D 97 4B CA 89 50 2F 7D 04 CD 34
0010: A8 FF FC FD
]
]
This is the SHA1 Key Identifier. How do I obtain the SHA 256 Key Identifier for the same keystore?
Answer 1
The Subject Key Identifier (SKI or SKID) is a property (an X.509 extension) of an individual certificate.
It is typically computed as a SHA-1 hash when a certificate is being signed; the data that is hashed may vary but will typically include at least the subjectPublicKey bit string, and it may not be a complete 160-bit SHA-1 value.
The only things that (technically) care about how the hash is created are the system doing the signing, or sometimes the system creating the request, since it can be added to a request. Outside of that, it is treated as an opaque fingerprint or unique ID - its value need only be compared to identify a specific certificate or its issuer (to assist and optimise path checking); it need not be recomputed.
If you want to properly compute the SHA-256 hash, then you will need to find out what fields exactly your system uses to compute the hash, and use that as input to SHA-256. See RFC 5280, especially §4.2.1.1 and §4.2.1.2. The signed data is probably just the subjectPublicKey or subjectPublicKeyInfo in binary DER format; the latter seems to be the case for an OpenSSL signed certificate.
This (expired) RFC draft proposes usage of SHA-2 hashes for subject key identifiers: https://datatracker.ietf.org/doc/html/draft-turner-additional-methods-4kis-08
There's a feature request and patch for this languishing slightly in OpenSSL bug #2599.
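The computation Answer 1 describes, as an added example that is not part of the original thread: the script below pulls the subjectPublicKey BIT STRING out of a DER SubjectPublicKeyInfo (or out of the SPKI embedded in a DER certificate, such as the binary output of `keytool -exportcert`), then derives the two RFC 5280 §4.2.1.2 SHA-1 identifiers and a SHA-256 identifier over the same bytes. The DER helpers, the sample RSA modulus and the certificate skeleton are all constructed here for the demo (the modulus is not a usable key and the skeleton carries no names or signature); treating "SHA-256 over the subjectPublicKey bits, optionally truncated to 160 bits" as the SHA-2 construction is an assumption that mirrors the cited draft rather than a quotation of it.

```python
"""Added example: compute RFC 5280 Subject Key Identifier values (SHA-1 methods
1 and 2) and a SHA-256 variant from a DER SubjectPublicKeyInfo or certificate.
The sample key and certificate skeleton are constructed for the demo only."""
import hashlib

# --- minimal DER helpers ------------------------------------------------------

def _der(tag, content):
    """Encode one DER TLV with a definite (short- or long-form) length."""
    n = len(content)
    if n < 0x80:
        return bytes([tag, n]) + content
    length_bytes = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(length_bytes)]) + length_bytes + content

def _der_int(value):
    """DER INTEGER; the spare byte keeps a modulus with its top bit set positive."""
    return _der(0x02, value.to_bytes((value.bit_length() + 8) // 8, "big"))

def _children(buf):
    """Split a DER body into (tag, value, raw_tlv) triples, one per element."""
    out, pos = [], 0
    while pos < len(buf):
        start, tag, length, pos = pos, buf[pos], buf[pos + 1], pos + 2
        if length & 0x80:                                   # long-form length
            n = length & 0x7F
            length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
        out.append((tag, buf[pos:pos + length], buf[start:pos + length]))
        pos += length
    return out

# --- locating subjectPublicKey -----------------------------------------------

def subject_public_key_bits(spki_der):
    """Return the subjectPublicKey BIT STRING contents without the leading
    unused-bits byte: exactly the bytes RFC 5280 method (1) hashes."""
    tag, body, _ = _children(spki_der)[0]
    assert tag == 0x30, "SubjectPublicKeyInfo must be a SEQUENCE"
    algorithm, subject_public_key = _children(body)[:2]
    assert subject_public_key[0] == 0x03, "subjectPublicKey must be a BIT STRING"
    bit_string = subject_public_key[1]
    assert bit_string[0] == 0, "unexpected unused bits in subjectPublicKey"
    return bit_string[1:]

def spki_from_certificate(cert_der):
    """Return the raw SubjectPublicKeyInfo TLV of a DER X.509 certificate
    (for example the output of 'keytool -exportcert') by walking TBSCertificate."""
    _, certificate, _ = _children(cert_der)[0]
    _, tbs, _ = _children(certificate)[0]
    fields = _children(tbs)
    if fields[0][0] == 0xA0:                                # optional [0] EXPLICIT version
        fields = fields[1:]
    # serialNumber, signature, issuer, validity, subject, subjectPublicKeyInfo
    return fields[5][2]

# --- key identifier methods ---------------------------------------------------

def subject_key_identifier(key_bits, method=1):
    """RFC 5280 §4.2.1.2 method (1): the 160-bit SHA-1 of the key bits;
    method (2): the 4-bit type 0100 followed by the low 60 bits of that hash."""
    digest = hashlib.sha1(key_bits).digest()
    if method == 1:
        return digest
    if method == 2:
        return bytes([0x40 | (digest[12] & 0x0F)]) + digest[13:]
    raise ValueError("method must be 1 or 2")

def sha256_key_identifier(key_bits, truncate_to_160_bits=False):
    """SHA-256 over the same key bits (assumption: this mirrors the SHA-2
    construction in draft-turner-additional-methods-4kis; the optional
    truncation keeps the identifier the same size as method (1))."""
    digest = hashlib.sha256(key_bits).digest()
    return digest[:20] if truncate_to_160_bits else digest

# --- constructed sample: rsaEncryption SPKI inside a certificate skeleton ---

RSA_ENCRYPTION_OID = bytes.fromhex("06092a864886f70d010101")         # 1.2.840.113549.1.1.1
SAMPLE_MODULUS = (1 << 1023) | int.from_bytes(bytes(range(1, 128)), "big")  # constructed, not a real key
SAMPLE_EXPONENT = 65537
SAMPLE_KEY_BITS = _der(0x30, _der_int(SAMPLE_MODULUS) + _der_int(SAMPLE_EXPONENT))  # RSAPublicKey
SAMPLE_SPKI_DER = _der(0x30,
    _der(0x30, RSA_ENCRYPTION_OID + b"\x05\x00")                         # AlgorithmIdentifier
    + _der(0x03, b"\x00" + SAMPLE_KEY_BITS))                             # subjectPublicKey BIT STRING

def _skeleton_certificate(spki_der):
    """Structurally valid but unsigned, nameless certificate for exercising the SPKI lookup."""
    tbs = (_der(0xA0, _der_int(2))                                       # version v3
           + _der_int(1) + _der(0x30, b"") + _der(0x30, b"")             # serial, signature alg, issuer
           + _der(0x30, b"") + _der(0x30, b"") + spki_der)               # validity, subject, SPKI
    return _der(0x30, _der(0x30, tbs) + _der(0x30, b"") + _der(0x03, b"\x00"))

SAMPLE_CERT_DER = _skeleton_certificate(SAMPLE_SPKI_DER)

if __name__ == "__main__":
    bits = subject_public_key_bits(spki_from_certificate(SAMPLE_CERT_DER))
    print("SKI method 1 (SHA-1) :", subject_key_identifier(bits).hex())
    print("SKI method 2 (SHA-1) :", subject_key_identifier(bits, 2).hex())
    print("SHA-256 identifier   :", sha256_key_identifier(bits).hex())
```

To check a real keystore entry against what keytool prints, export the certificate with `keytool -exportcert` (binary DER), read the file into `spki_from_certificate`, and compare the method (1) value with the SubjectKeyIdentifier shown by `keytool -list -v`; a match confirms the signer hashed the subjectPublicKey bits, which is also the input you would feed to SHA-256.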
Answer 2
It doesn't exist, and you really don't need it to exist. A certificate needs only a unique identifier in the Subject Key IDentifier property that can tell your system which key to use to decrypt it. It doesn't even need to be a hash, it just needs to be unique. You could just as well use the text "Zeutheus Key #1" for a SKID, as long as you don't re-use it to label a different key.
If you really want to use SHA-256 to generate your SKID, then go ahead. Once you have it, you will need to create a new certificate request that uses the new value and have it signed. Some tools, such as Microsoft's certutil.exe, let you set the specific value for any OID in a certificate request. You could generate the SHA-256 hash of your public key and then put that value into the SKID OID. But that is a whole lot of work you don't need to do when a SHA-1 hash is generated by default that works well enough for this purpose.